This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jerry
Mentor
Mentor
‎2023-09-07 09:29 AM
Jump to solution

sk181427 - Check Point response to CVE-2022-4450 and CVE-2022-4304

hi folks,

 

anyone particularly concerned about those CVE's? does anyone uses SSL Enc/Decr. on the GW and need OpenSSL to be bumped to the 1.1.1t or 4?

Jerry
0 Kudos
1 Solution

Accepted Solutions
Jerry
Mentor
Mentor
‎2023-09-20 01:49 AM
In response to D_W
Jump to solution

AFAIK:

 

What is known – and publicly documented – is the infrastructure of the Mobile Access Blade and related Multi-Portal used for terminating HTTPS connections on the gateway.  

Another instance in Gaia terminating HTTPS connections is the Gaia Portal.

This portal is available on Management and Log servers as they are based on Gaia, as well on the gateway’s side.

 

The Security capabilities such as IPS and/or Application control are working independently of the multi-portal infrastructure, thus not vulnerable.

Jerry

View solution in original post

(1)
3 Replies
the_rock
Legend
Legend
‎2023-09-07 12:59 PM
Jump to solution

Hey bro,

Just checked that sk and all it says is below. Not sure when it will be updated.

Andy

 

 

Screenshot_1.png

 

 

0 Kudos
D_W
Advisor
‎2023-09-20 12:03 AM
Jump to solution

What blades/services are affected?!

0 Kudos
Jerry
Mentor
Mentor
‎2023-09-20 01:49 AM
In response to D_W
Jump to solution

AFAIK:

 

What is known – and publicly documented – is the infrastructure of the Mobile Access Blade and related Multi-Portal used for terminating HTTPS connections on the gateway.  

Another instance in Gaia terminating HTTPS connections is the Gaia Portal.

This portal is available on Management and Log servers as they are based on Gaia, as well on the gateway’s side.

 

The Security capabilities such as IPS and/or Application control are working independently of the multi-portal infrastructure, thus not vulnerable.

Jerry
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events